Add caveat about auditing superusers.
commit : 8349710fbbe38ca9518ebe753a528b94f5ab2c19
author : David Steele <david@pgmasters.net>
date : Tue, 14 Jun 2022 13:32:06 -0400
committer: David Steele <david@pgmasters.net>
date : Tue, 14 Jun 2022 13:32:06 -0400 M README.md
PostgreSQL 15 support.
commit : ee1c3f5d042ff9a031ca515305b3ede8526b28b3
author : David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 16:31:20 -0400
committer: David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 16:31:20 -0400 M Makefile
M README.md
M expected/pgaudit.out
D pgaudit–1.6–1.6.1.sql
D pgaudit–1.6.1–1.6.2.sql
R100 pgaudit–1.6.2.sql pgaudit–1.7.sql
M pgaudit.control
M sql/pgaudit.sql
M test/Dockerfile.debian
M test/Dockerfile.rhel
Documentation updates missed in PostgreSQL 14 release.
commit : 1930790e4bd07171b54a35890a117fe32ddcab7b
author : David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 16:11:51 -0400
committer: David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 16:11:51 -0400 M README.md
Add explanation why `CREATE EXTENSION` is required.
commit : 02d3dfd91ba97a077384426cef0d77fdd4b7af38
author : Yuli <yuli@crunchydata.com>
date : Mon, 13 Jun 2022 15:41:22 -0400
committer: GitHub <noreply@github.com>
date : Mon, 13 Jun 2022 15:41:22 -0400 M README.md
Explicitly grant permissions on public schema in expect script.
commit : 6a3ab20747aafeb61591d35c2703898223b5c076
author : David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 14:00:26 -0400
committer: David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 14:00:26 -0400 PostgreSQL >= 15 does not automatically grant rights on the public schema.
It makes sense to back patch this to older versions to minimize differences in the script. M expected/pgaudit.out
M sql/pgaudit.sql
Reorder container scripts for more efficient builds across versions.
commit : 959f0652ea75f0d0d44322f9cb5f069dbfa33194
author : David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 12:36:54 -0400
committer: David Steele <david@pgmasters.net>
date : Mon, 13 Jun 2022 12:36:54 -0400 M test/Dockerfile.debian
M test/Dockerfile.rhel
Fix typo in pgaudit.role help.
commit : 605aa9dad13437874b8e111f306f1cd26b67e7b1
author : tjjcarroll <tjjcarroll@hotmail.com>
date : Wed, 4 May 2022 15:35:10 -0400
committer: David Steele <david@pgmasters.net>
date : Wed, 4 May 2022 15:35:10 -0400 M pgaudit.c
Stamp 1.6.2.
commit : 267eb83a14ca29f37821f297974991206aa91dee
author : David Steele <david@pgmasters.net>
date : Fri, 25 Feb 2022 15:00:56 -0600
committer: David Steele <david@pgmasters.net>
date : Fri, 25 Feb 2022 15:00:56 -0600 M Makefile
A pgaudit–1.6.1–1.6.2.sql
R100 pgaudit–1.6.1.sql pgaudit–1.6.2.sql
M pgaudit.control
Skip logging script statements for create/alter extension.
commit : 6460d9fec78c344245c70309551bb314415268a8
author : David Steele <david@pgmasters.net>
date : Fri, 25 Feb 2022 11:27:12 -0600
committer: GitHub <noreply@github.com>
date : Fri, 25 Feb 2022 11:27:12 -0600 PostgreSQL reports the statement text for each statement in the script as the entire script text, which can blow up the logs. The create/alter statement will still be logged.
Since a superuser is responsible for determining which extensions are available, and in most cases installing them, it should not be necessary to log each statement in the script.
Reported by Craig Kerstiens (@craigkerstiens).
Reviewed by Joe Conway (@jconway), John Harvey (@crunchyjohn).M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
M test/Dockerfile.rhel
Update copyright end year.
commit : 52d3ff4f13e313843077b87dd7eee472b2e9ee4f
author : crunchymaggie <60894147+crunchymaggie@users.noreply.github.com>
date : Fri, 25 Feb 2022 11:48:46 -0500
committer: GitHub <noreply@github.com>
date : Fri, 25 Feb 2022 11:48:46 -0500 M pgaudit.c
Add security definer and search_path to event trigger functions.
commit : 881c617084cac4985b9471426510af05c2a49dd7
author : David Steele <dwsteele@users.noreply.github.com>
date : Thu, 4 Nov 2021 14:51:17 -0400
committer: GitHub <noreply@github.com>
date : Thu, 4 Nov 2021 14:51:17 -0400 Similar to #156, this prevents users from defining their own versions of functions used in the event triggers. Either one should be sufficient on its own, but both provides better defense against regressions.M Makefile
A pgaudit–1.6–1.6.1.sql
R083 pgaudit–1.6.sql pgaudit–1.6.1.sql
M pgaudit.control
Guard against search-path based attacks.
commit : 4c3a5023f871a70549bce4a7d750231c3f54df76
author : Sergey Shinderuk <sshinderuk@gmail.com>
date : Thu, 4 Nov 2021 18:21:07 +0300
committer: GitHub <noreply@github.com>
date : Thu, 4 Nov 2021 18:21:07 +0300 Use qualified references to functions and operators in the SQL queries executed by the event triggers to prevent users from defining their own functions or operators to replace them.
This would not prevent audit logging, but it would allow the user to modify the type and name of the object in the DDL statement being audited.M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Remove remaining references to Vagrant.
commit : 6afeae52d8e4569235bf6088e983d95ec26f13b7
author : David Steele <david@pgmasters.net>
date : Thu, 5 Aug 2021 08:22:32 -0400
committer: David Steele <david@pgmasters.net>
date : Thu, 5 Aug 2021 08:22:32 -0400 Testing is entirely Docker-based now. M .gitignore
M README.md
Fix logic to properly classify SELECT FOR UPDATE as SELECT.
commit : bd6a261f72e08daa3a5f36b46aa4b1728d23709b
author : David Steele <dwsteele@users.noreply.github.com>
date : Thu, 5 Aug 2021 08:02:22 -0400
committer: GitHub <noreply@github.com>
date : Thu, 5 Aug 2021 08:02:22 -0400 This logic was submitted in PR #88 but there was some confusion on my part about what it was supposed to do. Since the title was "Suppress logging for internally generated foreign-key queries" I tried to make it do that, and broke SELECT FOR UPDATE logging, which unfortunately had no test.
Reading the PR again, it seems Peter's intention was only to correctly classify SELECT FOR UPDATE as SELECT. In any case that represents an improvement over what we have, even if it does not suppress logging for internally generated foreign-key queries, at least not in the case of SELECT.
So, revert the logic that suppressed the SELECT FOR UPDATE logging and use Peter's logic that correctly classifies them as SELECT.
Also add a SELECT FOR UPDATE test to prevent regressions.
Reported by Sergey Shinderuk (@shinderuk).
Reviewed by Sergey Shinderuk (@shinderuk), Stephen Frost (@sfrost).M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Add RHEL test container.
commit : bb816445df1c770a6f034d7bee0f428fc2265904
author : David Steele <david@pgmasters.net>
date : Tue, 3 Aug 2021 16:17:09 -0400
committer: David Steele <david@pgmasters.net>
date : Tue, 3 Aug 2021 16:17:09 -0400 M .github/workflows/test.yml
A test/Dockerfile.rhel
M test/README.md
M test/test.sh
Add pgaudit.log_rows setting.
commit : e8cded51a4a1a7f503ed29dcce0c85447d6448c5
author : Mingchun Zhao <mzhao@insight-tec.co.jp>
date : Wed, 4 Aug 2021 04:06:45 +0900
committer: GitHub <noreply@github.com>
date : Wed, 4 Aug 2021 04:06:45 +0900 Specifies that audit logging should include the rows retrieved or affected by a statement. When enabled the rows field will be included after the parameter field.
The default is `off`.M README.md
M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Add container remove to test command.
commit : ed6975c5222de085926221596c98bfb3531f1a97
author : David Steele <david@pgmasters.net>
date : Sat, 17 Jul 2021 09:26:28 -0400
committer: David Steele <david@pgmasters.net>
date : Sat, 17 Jul 2021 09:26:28 -0400 This allows the test to be run multiple times without leaving behind stopped containers. M test/README.md
Update for ProcessUtility_hook_type changes for 14beta2.
commit : 70b30d43799edc106f9ebfaee178959043e33081
author : David Steele <david@pgmasters.net>
date : Mon, 12 Jul 2021 14:42:50 -0400
committer: David Steele <david@pgmasters.net>
date : Mon, 12 Jul 2021 14:42:50 -0400 Commit 7c337b6b in beta2 changed ProcessUtility_hook_type so update pgaudit to match. M pgaudit.c
PostgreSQL 14 support.
commit : 002f2c3c3b88b367388e04932f9234c7792485cd
author : David Steele <dwsteele@users.noreply.github.com>
date : Wed, 23 Jun 2021 16:51:51 -0400
committer: GitHub <noreply@github.com>
date : Wed, 23 Jun 2021 16:51:51 -0400 Since ExecCheckRTPerms() is no longer called for "create table as" and "create materialized view" the INSERT record will no longer be audit logged. However, the "create table as" and "create materialized view" records are still logged and they imply an insert.M Makefile
M README.md
M expected/pgaudit.out
R100 pgaudit–1.5.sql pgaudit–1.6.sql
M pgaudit.control
M test/Dockerfile.debian
Run make clean for each test.
commit : e3d79b03ee03735cce3b94cd01d1f53d9b04f638
author : David Steele <david@pgmasters.net>
date : Wed, 23 Jun 2021 15:19:17 -0400
committer: David Steele <david@pgmasters.net>
date : Wed, 23 Jun 2021 15:19:17 -0400 This will prevent errors when switching branches and since there is only one file to compile there is not much to be gained by reusing prior objects. M test/test.sh
Remove Vagrantfile.
commit : 6b56031e87221cab510494e00c410246d129e53c
author : David Steele <david@pgmasters.net>
date : Wed, 23 Jun 2021 14:49:10 -0400
committer: David Steele <david@pgmasters.net>
date : Wed, 23 Jun 2021 14:49:10 -0400 This is no longer needed since Docker is now used for testing. D test/Vagrantfile
Add automated testing using Github Actions.
commit : e2e5a69c4dc949d17f86b783c69c7c9b1c76f876
author : David Steele <david@pgmasters.net>
date : Wed, 23 Jun 2021 14:40:00 -0400
committer: David Steele <david@pgmasters.net>
date : Wed, 23 Jun 2021 14:40:00 -0400 A .github/workflows/test.yml
A test/Dockerfile.debian
A test/README.md
A test/test.sh
Revert "PostgreSQL 14 support."
commit : c6d958bb4d1b19cdb649d78f45e4ca501e081d8b
author : David Steele <david@pgmasters.net>
date : Tue, 22 Jun 2021 14:26:35 -0400
committer: David Steele <david@pgmasters.net>
date : Tue, 22 Jun 2021 14:26:35 -0400 This reverts commit b045fb9b90b7225b533502f733250d5a95b94450.
Somehow a development version of this branch got committed, so revert until it can be fixed. M Makefile
M README.md
R100 pgaudit–1.6.sql pgaudit–1.5.sql
M pgaudit.c
M pgaudit.control
M test/Vagrantfile
PostgreSQL 14 support.
commit : b045fb9b90b7225b533502f733250d5a95b94450
author : David Steele <dwsteele@users.noreply.github.com>
date : Fri, 18 Jun 2021 09:00:26 -0400
committer: GitHub <noreply@github.com>
date : Fri, 18 Jun 2021 09:00:26 -0400 Since ExecCheckRTPerms() is no longer called for "create table as" and "create materialized view" we can't depend on that mechanism to log inserts into the newly created table / mat view.
Instead, capture the into relation in the utility hook and then use it to generate an insert log record at query start.M Makefile
M README.md
R100 pgaudit–1.5.sql pgaudit–1.6.sql
M pgaudit.c
M pgaudit.control
M test/Vagrantfile
Add .editorconfig.
commit : 5b0a3a6c1b436adb46d133c6c4e0a9ff306db094
author : David Steele <david@pgmasters.net>
date : Fri, 11 Jun 2021 11:06:48 -0400
committer: David Steele <david@pgmasters.net>
date : Fri, 11 Jun 2021 11:06:48 -0400 A .editorconfig
Add pgaudit.log_statement setting.
commit : 8831cef691b081ce71a14c10a2980de5c46a88f7
author : Peter Eisentraut <peter@eisentraut.org>
date : Thu, 10 Jun 2021 18:27:55 +0200
committer: GitHub <noreply@github.com>
date : Thu, 10 Jun 2021 18:27:55 +0200 This setting, when turned off (not default), turns off all logging of the full statement text and parameters. This is analogous to log_statement_once, except it never logs the statement.
Depending on requirements, the full statement text might not be required in the audit log. The combination of command tag and object can be enough. Omitting the full statement text makes the logs less verbose and can also prevent some accidental information leaks.M README.md
M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Update copyright end year.
commit : 28faa197d3a4c63738e9a2f74488f555dc9d95e5
author : David Steele <david@pgmasters.net>
date : Tue, 12 Jan 2021 09:09:59 -0500
committer: David Steele <david@pgmasters.net>
date : Tue, 12 Jan 2021 09:09:59 -0500 M pgaudit.c
Remove PostgreSQL 13 repository used for pre-release testing.
commit : 94a2ae8c203a0a305edf59787a4af57651e59d2b
author : David Steele <david@pgmasters.net>
date : Tue, 12 Jan 2021 09:05:18 -0500
committer: David Steele <david@pgmasters.net>
date : Tue, 12 Jan 2021 09:05:18 -0500 M test/Vagrantfile
Improve compile and install instructions.
commit : fd4319f7c8e215a4f291975f48c931fd55f5b037
author : David Steele <david@pgmasters.net>
date : Tue, 12 Jan 2021 08:55:42 -0500
committer: David Steele <david@pgmasters.net>
date : Tue, 12 Jan 2021 08:55:42 -0500 Adding PG_CONFIG to make suggested by @vkhvorostianyi. M README.md
Remove make check from compile and install section of README.md
commit : 7169e84e1aa6d68f5c59701655ef31f810d171f5
author : Michael Otte <michaelotte1@gmail.com>
date : Tue, 12 Jan 2021 05:32:44 -0800
committer: GitHub <noreply@github.com>
date : Tue, 12 Jan 2021 05:32:44 -0800 This only works when pgaudit is located in a PostgreSQL source tree.M README.md